<?php
if(!defined('ADMINPX') || !defined('ADMIN')) {
	exit('Access Denied');
}
$act=$_GET['act'];
$id=$_GET['id'];
if($act=='ubb'){
?>
<div class="admin">后台UBB大全</div>
<div class="admin_a">换行：<input class="text" type="text"  value="[br]"/></div>
<div class="admin_a">粗体：<input class="text" type="text"  value="[b]内容[/b]"/></div>
<div class="admin_a">下横：<input class="text" type="text"  value="[u]内容[/u]"/></div>
<div class="admin_a">斜体：<input class="text" type="text"  value="[i]内容[/i]"/></div>

<div class="admin_a">贴图：<input class="text" type="text"  value="[img]地址[/img]"/></div>
<div class="admin_a">连接：<input class="text" type="text"  value="[url=地址]标题[/url]"/></div>
<div class="admin_a">时间：<input class="text" type="text"  value="[time][date][now]"/></div>
<div class="admin_a">版本切换：<input class="text" type="text"  value="[banben]"/></div>
<div class="admin">帖子调用<input class="text" type="text"  value="[forum=1_5_0_4]"/></div>
第一个参数,展示样式。1文字，2幻灯片，3图文<br/>
第二个参数,调用条数。<br/>
第三个参数,论坛id, 0为全部。<br/>
第四个参数,0为最新,1为随机,2为阅读,3为回复,4为动态 ,5为精华,6为推存<br/>

<div class="admin">会员调用<input class="text" type="text"  value="[user=5_0]"/></div>
第一个参数,调用条数。<br/>
第二个参数,0为最新，1为男生，2为女生，3为头像，4为动态，5为在线<br/>

<div class="admin">友链调用<input class="text" type="text"  value="[link=5_0_0]"/></div>
第一个参数,调用条数。<br/>
第二个参数,0为全部，1为固链，2为热门，3为推荐，4为兄弟<br/>
第三个参数,0为最新，1为链入多，2为链出多，3为随机<br/>

<?php
  $sql_bbs  =$db->query('pluginubb',"1 ORDER BY `id` DESC ",'');
  while($row=mysql_fetch_array($sql_bbs)){
echo <<<end
<div class="admin">插件调用<input class="text" type="text"  value="[plugin=$row[identifier]#$row[name]]"/></div>
$row[content]<br/>
end;
  }
}else if($act=='sid'){
      $action='login';
		  setcookie('admin_pwss','');
		  setcookie('admin_time','');
      echo "退出成功！<br/>正在自动返回.......<br/><a href=\"admin.php?\">请手动返回</a><br/><meta http-equiv=refresh content='3;url=admin.php?'>";
}else if($act=='cache'){
      $ds=deldir('cache');
      echo "清空 $ds 个缓存文件！<br/>正在自动返回.......<br/><a href=\"admin.php?\">请手动返回</a><br/><meta http-equiv=refresh content='3;url=admin.php?'>";
}else if($act=='dl'){
      echo"<a href='admin.php?action=wzgj&act=dlsc'>清空记录</a><div class='admin'>后台登陆记录<br/></div>";
 		  $sqma=$db->query('user_dl',"`uid` = '$user_uid' and `type` = '1' ORDER BY `time_a` DESC LIMIT 0,10",'');
      while($hya=mysql_fetch_array($sqma)){
             $sj=Bingz_time_q($hya['time_a']);
              echo"<div class='admin_a'>$hya[uip_dz](<font color=\"#000000\">$hya[uip]</font>)(<font color=\"#ff0000\">$hya[zhuangt]</font>) <br/>会员(uid:$hya[uid])时间:$sj<br/></div>";
      }
}else if($act=='dlsc'){
      echo"<div class='admin'>后台登陆记录<br/></div>";
 		  $db->delete('user_dl',"`type` = '1' ");
	 echo "成功<br/>";
   echo "正在自动返回.......<br/><a href=\"admin.php?action=wzgj&act=dl\">请手动返回</a><br/><meta http-equiv=refresh content='3;url=admin.php?action=wzgj&act=dl'>";
}else if($act=='onlineok'){
	 if($_GET['lx'] == 'a'){
	     $db->delete('website_statistics',"`id` ='$id' ");
	 }else if($_GET['lx'] == 'b'){
	     $db->delete('website_statistics',"1");
	 }
	 ?>
   操作成功！<br/>
   <a href="admin.php?action=wzgj&act=online&$smoe">返回网站统计</a><br/>
   <?php 
}else if($act=='online'){
   echo"<div class='admin'>网站访问统计<br/></div>";
   $num_count=$db->num_rows('website_statistics',"1 ",'id');
   $list_num ="10";
   $num_start=page_num($list_num,$num_count);
   $sql_bbs  =$db->query('website_statistics',"1 ORDER BY `id` DESC LIMIT ".$num_start." , ".$list_num." ",'');
   $a        =$num_start+'1';
   while($row=mysql_fetch_array($sql_bbs)){
     $sjts=date('Y-m-d',"$row[time_a]");
     $wip=$row[wap_ip]+$row[wpc_ip]+$row[web_ip];
     $wpv=$row[wap_pv]+$row[wpc_pv]+$row[web_pv];
   ?>
     <div class='admin_a'><?php echo $sjts; ?>(<font color="#ff0000"><?php echo $wip.'</font>/<font color="#ff0000">'.$wpv; ?></font>) 登陆会员(<font color="#ff0000"><?php echo $row[user]; ?></font>) 
     	<a href="admin.php?action=wzgj&act=onlineok&lx=a&id=<?php echo $row[id]; ?>">删除</a><br />
     	wap(<font color="#000000"><?php echo $row[wap_ip].'</font>/<font color="#000000">'.$row[wap_pv]; ?></font>) 
     	wpc(<font color="#000000"><?php echo $row[wpc_ip].'</font>/<font color="#000000">'.$row[wpc_pv]; ?></font>) 
     	web(<font color="#000000"><?php echo $row[web_ip].'</font>/<font color="#000000">'.$row[web_pv]; ?></font>) (ip/pv)
     </div>
<?php
   $a++;
   }
   echo $page=page_link($list_num,$num_count);
?>
<div class='admin_b'><a href="admin.php?action=wzgj&act=onlineok&lx=b&id=<?php echo $row[id]; ?>">删除全部信息</a></div>
<?php
}else if($act=='sql'){
      echo "<div class='admin' >数据库sql执行</div>";
      if($_POST[adminpost]){
      	 $content=str_replace('\"','"',$_POST[name]);
         $content=str_replace("\'","'",$content);
         echo hfsjk_sql($content,'1');
      }elseif($_POST[b1]){
	       $bzwjc=Bingz_upload('/','sql');
         if($bzwjc[1] == '1'){
    	      $smtabb=hfsjk_sql("data/".$bzwjc[2]);
			      echo"【<b>数据库升级</b>】执行成功！<br/>执行结果：$smtabb<br/>";
		        @unlink("data/".$bzwjc[2]);
         }else{
            echo'上传附件：'.$bzwjc[2].'';
         }
      }else{
echo <<<end
<form id="form1" name="form1" method="post" action="admin.php?action=wzgj&act=sql">
  运行 SQL 查询:<br />
  <textarea  class="textarea"  type="text" name="name" ></textarea><br/>
  <input class="submit" type="submit" name="adminpost" value="执行" />
  <br />
  (提示：请认真操作。)<br/>
</form>
<form method="POST" action="admin.php?action=wzgj&act=sql&&acti=save&$see" enctype="multipart/form-data" >
<input type="file" name="upfile" />
<input class="submit" type="submit" value="上传" name="b1" />
</form><br/>
end;
     }
}else if($act=='sql_zip'){
      echo "<div class='admin' >文件执行</div>";
      if($_POST[b1]){
	       $bzwjc=Bingz_upload('/','zip');
         if($bzwjc[1] == '1'){
			         if(zip("data/".$bzwjc[2],'./')){
			            echo"成功！<br/>";
			         }else{
                  echo"失败！<br/>";
		           }
		           @unlink("data/".$bzwjc[2]);
         }else{
            echo'上传附件：'.$bzwjc[2].'';
         }
      }else{
echo <<<end
<form method="POST" action="admin.php?action=wzgj&act=sql_zip&&acti=save&" enctype="multipart/form-data" >
<input type="file" name="upfile" />
<input class="submit" type="submit" value="上传" name="b1" />
</form><br/>
end;
     }
}else if($act=='sql_back'){
      echo "<div class='admin' >数据备份</div>";
      if($_POST[adminpost]){
	      if(!isset($_POST['name']) or $_POST['name']==""){
		      $name=date("Y-m-d-H-i-s")."-".Bingz_sjm(9);
		    }else{
		    	$name=$_POST['name'];
		    }
         $sjknamen=$Bingz_Bmysql.'/'.$name;
         Bingz_create_folder($Bingz_Bmysql);
         Bingz_create_folder($sjknamen);
         $p=sjk_sql($sjknamen,$name);
         echo "数据库备份成功！<br /> <font color=\"#FF0000\">$name</font> 文件夹。共 $p 卷。<br />";
      	 setcookie('sql_back',$name);
      }elseif($_POST[data]){
	      if(!isset($_POST['name']) or $_POST['name']==""){
		      $name='cache/'.date("Y-m-d-H-i-s")."-".Bingz_sjm(9);
		    }else{
		    	$name='cache/'.$_POST['name'];
		    } 
class HZip 
{ 
  private static function folderToZip($folder, &$zipFile, $exclusiveLength) { 
    $handle = opendir($folder); 
    while (false !== $f = readdir($handle)) { 
      if ($f != '.' && $f != '..') { 
        $filePath = "$folder/$f"; 
        $localPath = substr($filePath, $exclusiveLength); 
        if (is_file($filePath)) { 
          $zipFile->addFile($filePath, $localPath); 
        } elseif (is_dir($filePath)) { 
          $zipFile->addEmptyDir($localPath); 
          self::folderToZip($filePath, $zipFile, $exclusiveLength); 
        } 
      } 
    } 
    closedir($handle); 
  } 
  public static function zipDir($sourcePath, $outZipPath) 
  { 
    $pathInfo = pathInfo($sourcePath); 
    $parentPath = $pathInfo['dirname']; 
    $dirName = $pathInfo['basename']; 
    $sourcePath=$parentPath.'/'.$dirName;
    $z = new ZipArchive(); 
    $z->open($outZipPath, ZIPARCHIVE::CREATE);
    $z->addEmptyDir($dirName);
    self::folderToZip($sourcePath, $z, strlen("$parentPath/")); 
    $z->close(); 
  } 
} 
         HZip::zipDir('data', ''.$name.'.zip');           
         echo "文件备份成功！<br />地址<font color=\"#FF0000\">$name.zip</font><br />";
      }else{
         $aa=date("Y-m-d-H")."-".Bingz_sjm(10);
echo <<<end
<form id="form1" name="form1" method="post" action="admin.php?action=wzgj&act=sql_back&&acti=save&$see">
  请输入备份文件名（数据库）:<br />
  <input  class="text" name="name" type="text" id="name" value="$aa" size="25" maxlength="20" />
  <input class="submit" type="submit" name="adminpost" value="备份数据库" />
  <br />
</form>
end;

echo <<<end
<form id="form1" name="form1" method="post" action="admin.php?action=wzgj&act=sql_back&&acti=save&$see">
  请输入备份文件名（网站附件）:<br />
  <input  class="text" name="name" type="text" id="name" value="$aa" size="25" maxlength="20" />
  <input class="submit" type="submit" name="data" value="备份网站文件" />
  <br />
</form>
end;


     }
}else if($act=='sql_reback'){
    echo "<div class='admin' >备份数据</div>";
    $name=$_POST['name'];
    $adminpost=$_POST['adminpost'];
if($_GET['acti'] == "save" && !$_GET['cz']){
    echo "注意：请认证操作。<br /><a href=\"admin.php?action=wzgj&act=sql_reback&&acti=save&name=$name&cz=ok&adminpost=$adminpost\">确定完成此次操作</a>";
}elseif($_GET['acti'] == "save" && $_GET['cz'] == "ok"){
    $name=$_GET['name'];
    if($_GET['adminpost'] == '删除备份数据'){
       $sqlfile =$Bingz_Bmysql.'/'.$name;
       if(!file_exists("$sqlfile")){
       	echo "文件错误。<br />";
       }else{
       $dir = opendir("$sqlfile");
       while ($file = readdir($dir)){
              if( $file =='.' or $file =='..'){
       	      }else{
              	@unlink(''.$sqlfile.'/'.$file.'');
              }
       }
       @rmdir($sqlfile.'/');
       echo "删除备份成功。<br />";
       }
    }elseif($_GET['adminpost'] == '恢复备份数据'){
       $sqlfile =$Bingz_Bmysql.'/'.$name;
       $dir = opendir("$sqlfile");
       while ($file = readdir($dir)){
		      if( preg_match('/.sql/mis',$file)){
	            $sqlfile ="".$Bingz_Bmysql."/".$name."/".$file;
              $sjhts=hfsjk_sql($sqlfile);
              echo " <b>$file</b>  数据库恢复成功。<br />$sjhts <br />";
          }
       }
    }
    echo "<a href=\"admin.php?action=wzgj&act=sql_reback&\">返回页面</a>";
}else{
echo <<<end
<form id="form1" name="form1" method="post" action="admin.php?action=wzgj&act=sql_reback&&acti=save&$see">
end;
$dir = @opendir($Bingz_Bmysql);
while ($file = @readdir($dir)){
		if($file !='.' && $file !='..' && !@strpos($file,'.')){
			echo "<div class='admin_a' ><input class=\"checkbox\" type=\"radio\" name=\"name\" value=\"$file\" />$file </div>";
			$a='1';
		}
}
@closedir($dir);
if(!$a){
	  echo "当前没有备份数据库！<br />";
}
echo <<<end
<input class="submit" type="submit" name="adminpost" value="恢复备份数据" /><br />
<input class="submit" type="submit" name="adminpost" value="删除备份数据" /><br />
(提示：恢复数据库会将所有数据重置到备份状态，建议备份后再恢复。)
</form>
end;
}


}else if($act=='renminbi'){
    echo "<div class='admin' >资金核对</div>";
    $sql=$db->query('user'," ",'');
    $renminbi='0';
    while($waw=mysql_fetch_array($sql)){
    	    $renminbi=$renminbi+$waw[renminbi];
    }
    $brenminbi=Bingz_config('renminbi_config_renminbi');
echo <<<end
<div class='admin_a' >系统记载总金额：$brenminbi</div>
<div class='admin_a' >在线统计总金额：$renminbi</div>
end;
}else if($act=='yuanma'){
   $url=$_POST['url'];
echo <<<end
<form method="POST" action="admin.php?action=wzgj&act=yuanma&$smoe"><br/>
<input  class="text" type="text" name="url" value="$url"/>
<select name="bvb">
<option value="3">手机</option>
<option value="4">电脑</option>
</select>
<input class="submit" type="submit" name="B1" value="获取"/><br/>
</form>
end;
  if($url){
     if($_POST['bvb'] == '2'){
        $android_ua='wap ';
     }else if($_POST['bvb'] == '3'){
        $android_ua='Mozilla/5.0 (Linux; U; Android 4.0.4; zh-cn; sdk Build/MR1)AppleWebKit/534.31 (KHTML, like Gecko) Mobile Safari/534.30';
     }else{
        $android_ua='mozilla/4.0 (compatible; msie 7.0; windows nt 6.1; wow64; trident/4.0; slcc2; .net clr 2.0.50727; .net clr 3.5.30729; .net clr 3.0.30729; media center pc 6.0) ';
     }
     $content=Bingz_collection($url,$android_ua);
  }
  $content=htmlentities($content,ENT_QUOTES,'utf-8');
  $content=preg_replace('/\s{2,}/','<br/>',$content);
   if(!$content){
      echo  '<div class="admin_a">获取失败</div>';
   }else{
      echo  '<div class="admin_a">'. $content.' </div>';
   }
?>
   <?php 
}else{
?>
      操作出错！<br/>
		  <meta http-equiv=refresh content="3;url=admin.php?action=index">
<?php
}
echo <<<end
<div class="admin_a">
	<a href="admin.php?">返回后台首页</a>
</div>
end;

?>